<?php include "../service/util/authenticateSession.php"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Đổi password</title>
    <?php 
		include("import.php");
		include "../service/userService.php";
		include "messages.properties.php";
	?>
</head>

<body>
<form action="changePass.php" method="post">
	<div class="table">
		<table>
			<tr>
				<td colspan="2"><h2><b><?php echo $_SESSION["username"][1]; ?></b></h2></td>
			</tr>
			<tr>
				<td>Nhập Mật Khẩu Cũ:</td>
				<td><input type="password" name="old" id="old"/></td>
			</tr>
			<tr>
				<td>Nhập Mật Khẩu Mới:</td>
				<td><input type="password" name="new" id="new"/></td>
			</tr>
			<tr>
				<td>Nhập Lại Mật Khẩu Mới:</td>
				<td><input type="password" name="confirmPass" id="confirmPass"/></td>
			</tr>
			<tr>
				<td colspan="2">
					<?php
					if (isset($_POST["accept"])) {
						$old = $_POST["old"];
						$new = $_POST["new"];
						$confirmPass = $_POST["confirmPass"];

						$result1 = findUserBy($_SESSION["username"][1]);
						$row1 = ConnectionManager::getInstance()->fetch($result1);

						$result2 = authenticateUser($_SESSION["username"][1], md5($old), 1);

						if ($result2 && $new == $confirmPass) {
							updatePassword($row1["USER_ID"], md5($new));
							echo $messages["updatedPassSuccuessfully"];
						} else {
							echo $messages["updatedPassFailed"];
						}
					}
					?>
				</td>
			</tr>
			<tr>
				<td colspan="2" align="center">
					<input type="submit" class="button" value="Chấp nhận" name="accept" id="accept"/>
					<input type="reset" class="button" value="Xoá Biểu Nhập" id="clear" name="clear"/>
					<input type="reset" class="button" value="Đóng" onclick="window.close();"/>  
				</td>
			</tr>
		</table>
	</div>
</form>
<?php ConnectionManager::getInstance()->closeConnection(); ?>
</body>
</html>